Date:      Thu, 3 Jun 2010 22:04:44 +0000
From:      Andrew Hotlab <andrew.hotlab@hotmail.com>
To:        <samankaya@netscape.net>, <freebsd-jail@freebsd.org>
Subject:   RE: Strange things happening with jails?? Not starting up on boot or services not running inside!
Message-ID:  <BLU138-W35932975B5E41FC33DF781F6D10@phx.gbl>


----------------------------------------
> Date: Thu, 3 Jun 2010 22:15:21 +0300
> From: SamanKaya@netscape.net
> To: freebsd-jail@freebsd.org
> Subject: Strange things happening with jails?? Not starting up on boot or services not running inside!
>
> I have managed to create 4 and migrate many services in them already.
> The only issue is that one Jail containing the Postfix MTA which I use
> as an SMTP mail relay agent for my mail servers is not starting up when
> the OS has been rebooted or booted for that matter??
>
> I can't give any error logs as there are none but I can post the config
> which is here:
>
> JID IP Address Hostname Path
> 1 192.168.1.100 ns1.optiplex-networks.com /var/jail/named_1
> 2 192.168.1.101 ns2.optiplex-networks.com /var/jail/named_2
> 3 192.168.1.110 proxy.optiplex-networks.com /var/jail/squid
> 4 192.168.1.115 relay.optiplex-networks.com /var/jail/postfix
>
>
> jail_enable="YES"
> jail_list="named_1 named_2 squid"
> jail_named_1_rootdir="/var/jail/named_1"
> jail_named_1_hostname="ns1.optiplex-networks.com"
> jail_interface="em0"
> jail_named_1_ip="192.168.1.100"
> #jail_named_1_exec_start="/usr/local/bin/named"
> jail_named_1_devfs_enable="YES"
> jail_named_2_rootdir="/var/jail/named_2"
> jail_named_2_hostname="ns2.optiplex-networks.com"
> jail_interface="em0"
> jail_named_2_ip="192.168.1.101"
> jail_named_2_devfs_enable="YES"
> jail_squid_rootdir="/var/jail/squid"
> jail_squid_hostname="proxy.optiplex-networks.com"
> jail_interface="em0"
> jail_squid_ip="192.168.1.110"
> jail_squid_devfs_enable="YES"
> jail_postfix_rootdir="/var/jail/postfix"
> jail_postfix_hostname="relay.optiplex-networks.com"
> jail_interface="em0"
> jail_postfix_ip="192.168.1.115"
> jail_postfix_devfs_enable="YES"
>
>

These lines are in the file /etc/rc.conf on the jail host?  If you created
all jails with ezjail, there should be nothing like that: all jail_ vars
would have been written in files stored in /usr/local/etc/ezjail/ (by
default).  If you are managing all jails with ezjail you can safely delete
all these entries in the host's rc.conf (only remember to leave
ezjail_enable="YES" if you want automatic startup of all jails at boot time)


>
> Now another few issues related to the services inside is that I'm trying
> to start Squid for my reverse proxy inside a Jail. However, the service
> won't start on its own as I'm needing port 80 and there seems to be a
> block against normal users using ports <1024. I tested this by getting
> Squid to run on its default port 3128 and it works.....
>
> However the logs or screen readout just tells me that the service cannot
> connect to port 80??
>
> May 31 17:47:11 proxy squid[4360]: Cannot open HTTP Port
> May 31 17:47:11 proxy squid[4358]: Squid Parent: child process 4360 exited due to signal 6
> May 31 17:47:14 proxy squid[4358]: Squid Parent: child process 4364 started
> May 31 17:47:15 proxy squid[4364]: Cannot open HTTP Port
> May 31 17:47:15 proxy squid[4358]: Squid Parent: child process 4364 exited due to signal 6
> May 31 17:47:18 proxy squid[4358]: Squid Parent: child process 4367 started
> May 31 17:47:18 proxy squid[4367]: Cannot open HTTP Port
> May 31 17:47:18 proxy squid[4358]: Squid Parent: child process 4367 exited due to signal 6
> May 31 17:47:21 proxy squid[4358]: Squid Parent: child process 4370 started
> May 31 17:47:21 proxy squid[4370]: Cannot open HTTP Port
> May 31 17:47:21 proxy squid[4358]: Squid Parent: child process 4370 exited due to signal 6
>
> I tried adding the user's Proxy and Squid to the group Wheel however
> again no such luck :-(
>

I've never had to make Squid listen on port 80, but referring to its
startup script in /usr/local/etc/rc.d/:

# squid_user:   The user id that should be used to run the Squid master
#               process. Default: squid.
#               Note that you probably need to define "squid_user=root" if
#               you want to run Squid in reverse proxy setups or if you want
#               Squid to listen on a "privileged" port < 1024.

So you only need to write the following line in /etc/rc.conf to have Squid
listening on this privileged port:
squid_user="root"

I've just tried that with Squid 3.0 and it works (check the output of the
command "sockstat -4l").

This is obviously a Squid-related issue, the fact that it's running in a
jail is not relevant here.


Andrew
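
A check for the rc.conf fragment quoted in this message, added here as an example and not part of the original e-mail: the legacy /etc/rc.d/jail script starts only the jails named in jail_list, so the function below reports jails that have a jail_<name>_rootdir entry but are missing from that list. It assumes the jails are defined through jail_* variables rather than ezjail; the function names and the abridged sample are assumptions of the example.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes jails are defined through
# jail_* variables in an rc.conf-style file, not through ezjail.

# Print the sample config: abridged from the rc.conf lines quoted above.
sample_rc_conf() {
cat <<'EOF'
jail_enable="YES"
jail_list="named_1 named_2 squid"
jail_named_1_rootdir="/var/jail/named_1"
jail_named_1_ip="192.168.1.100"
#jail_named_1_exec_start="/usr/local/bin/named"
jail_named_2_rootdir="/var/jail/named_2"
jail_squid_rootdir="/var/jail/squid"
jail_postfix_rootdir="/var/jail/postfix"
jail_postfix_ip="192.168.1.115"
EOF
}

# unlisted_jails FILE: print every jail that has a jail_<name>_rootdir
# assignment but is missing from jail_list, one name per line.
unlisted_jails() {
    conf=$1
    # Value of jail_list; the last assignment wins, as when rc.conf is sourced.
    listed=$(sed -n 's/^[[:space:]]*jail_list="\{0,1\}\([^"#]*\).*/\1/p' "$conf" |
        tail -n 1 | tr -s '[:space:]' ' ')
    # Names of all jails with a rootdir; lines starting with '#' do not match.
    sed -n 's/^[[:space:]]*jail_\(.*\)_rootdir=.*/\1/p' "$conf" | sort -u |
    while read -r name; do
        case " $listed " in
            *" $name "*) ;;                 # listed, so started at boot
            *) printf '%s\n' "$name" ;;     # defined but never started
        esac
    done
}

# Demo run on the sample above.
demo_conf=$(mktemp)
sample_rc_conf > "$demo_conf"
unlisted_jails "$demo_conf"
rm -f "$demo_conf"
```

On the host, run it as `unlisted_jails /etc/rc.conf`; any name it prints is a jail that is configured but will not be started at boot.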
